buildah/chroot/seccomp_test.go

//go:build linux && seccomp

package chroot

import (
	"fmt"
	"os"

	specs "github.com/opencontainers/runtime-spec/specs-go"
	"go.podman.io/common/pkg/seccomp"
)

const seccompAvailable = true

func setupSeccomp(spec *specs.Spec, seccompProfilePath string) error {
	switch seccompProfilePath {
	case "unconfined":
		spec.Linux.Seccomp = nil
	case "":
		seccompConfig, err := seccomp.GetDefaultProfile(spec)
		if err != nil {
			return fmt.Errorf("loading default seccomp profile failed: %w", err)
		}
		spec.Linux.Seccomp = seccompConfig
	default:
		seccompProfile, err := os.ReadFile(seccompProfilePath)
		if err != nil {
			return fmt.Errorf("opening seccomp profile failed: %w", err)
		}
		seccompConfig, err := seccomp.LoadProfile(string(seccompProfile), spec)
		if err != nil {
			return fmt.Errorf("loading seccomp profile (%s) failed: %w", seccompProfilePath, err)
		}
		spec.Linux.Seccomp = seccompConfig
	}
	return nil
}
chroot: fix unused warnings When running golangci-lint run --tests=false, it complains: > chroot/seccomp.go:15:7: const `seccompAvailable` is unused (unused) > const seccompAvailable = true > ^ > chroot/seccomp.go:182:6: func `setupSeccomp` is unused (unused) > func setupSeccomp(spec *specs.Spec, seccompProfilePath string) error { > ^ Fix this. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> 2025-04-01 13:32:56 +08:00			`//go:build linux && seccomp`

			`package chroot`

			`import (`
			`"fmt"`
			`"os"`

			`specs "github.com/opencontainers/runtime-spec/specs-go"`
Switch common, storage and image to monorepo. Signed-off-by: Jan Kaluza <jkaluza@redhat.com> 2025-08-29 20:55:12 +08:00			`"go.podman.io/common/pkg/seccomp"`
chroot: fix unused warnings When running golangci-lint run --tests=false, it complains: > chroot/seccomp.go:15:7: const `seccompAvailable` is unused (unused) > const seccompAvailable = true > ^ > chroot/seccomp.go:182:6: func `setupSeccomp` is unused (unused) > func setupSeccomp(spec *specs.Spec, seccompProfilePath string) error { > ^ Fix this. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> 2025-04-01 13:32:56 +08:00			`)`

			`const seccompAvailable = true`

			`func setupSeccomp(spec *specs.Spec, seccompProfilePath string) error {`
			`switch seccompProfilePath {`
			`case "unconfined":`
			`spec.Linux.Seccomp = nil`
			`case "":`
			`seccompConfig, err := seccomp.GetDefaultProfile(spec)`
			`if err != nil {`
			`return fmt.Errorf("loading default seccomp profile failed: %w", err)`
			`}`
			`spec.Linux.Seccomp = seccompConfig`
			`default:`
			`seccompProfile, err := os.ReadFile(seccompProfilePath)`
			`if err != nil {`
			`return fmt.Errorf("opening seccomp profile failed: %w", err)`
			`}`
			`seccompConfig, err := seccomp.LoadProfile(string(seccompProfile), spec)`
			`if err != nil {`
			`return fmt.Errorf("loading seccomp profile (%s) failed: %w", seccompProfilePath, err)`
			`}`
			`spec.Linux.Seccomp = seccompConfig`
			`}`
			`return nil`
			`}`